from NBCNews Website
Documents taken from the National Security Agency by Edward Snowden and exclusively obtained by NBC News describe techniques developed by a secret British spy unit called the Joint Threat Research and Intelligence Group (JTRIG) as part of a growing mission to go on offense and attack adversaries ranging from Iran to the hacktivists of Anonymous.
According to the documents, which come from presentations prepped in 2010 and 2012 for NSA cyber spy conferences, the agency's goal was to,
Both PowerPoint presentations describe "Effects" campaigns that are broadly divided into two categories: cyber attacks and propaganda operations.
The propaganda campaigns use deception, mass messaging and "pushing stories" via,
JTRIG also uses "false flag" operations, in
which British agents carry out online actions that are designed to look like
they were performed by one of Britain's adversaries.
Civil libertarians said that in using a DDOS attack against hackers the British government also infringed free speech by individuals not involved in any illegal hacking, and may have blocked other websites with no connection to Anonymous.
While GCHQ defends the legality of its actions,
critics question whether the agency is too aggressive and its mission too
King said British cyber spies had gone on
offense with "no legal safeguards" and without any public debate, even
though the British government has criticized other nations, like Russia, for
allegedly engaging in cyber warfare.
One intelligence official also said that the newest set of Snowden documents published by NBC News that describe "Effects" campaigns show that British cyber spies were "slightly ahead" of U.S. spies in going on offense against adversaries, whether those adversaries are hackers or nation states.
The documents also show that a one-time signals
surveillance agency, GCHQ, is now conducting the kinds of active espionage
operations that were once exclusively the realm of the better-known British
spy agencies MI5 and MI6.
When sent to adversaries, says the presentation, the virus will,
But the British cyber spies' operations do not always remain entirely online.
Spies have long used sexual "honey traps" to snare, blackmail and influence targets. Most often, a male target is led to believe he has an opportunity for a romantic relationship or a sexual liaison with a woman, only to find that the woman is actually an intelligence operative.
The Israeli government, for example, used a
"honey trap" to lure nuclear technician Mordechai Vanunu from London
to Rome. He expected an assignation with a woman, but instead was kidnapped
by Israel agents and taken back to Israel to stand trial for leaking nuclear
secrets to the media.
The target is lured,
The goal, according to the presentation, is to discredit the target.
But the documents do not give a specific example
of when the British government might have employed a honey trap.
The British government uses the program to try
to steer its quarry to "SIGINT friendly" hotels, according to the
presentation, where the targets can be monitored electronically - or in
person by British operatives.
and obtained by NBC News.
According to the documents obtained by NBC News, the intelligence agency uses the information to spy on human targets through "close access technical operations," which can include listening in on telephone calls and tapping hotel computers as well as sending intelligence officers to observe the targets in person at the hotels.
The documents ask,
The 2010 presentation also describes another potential operation that would utilize a technique called "credential harvesting" to select journalists who could be used to spread information.
According to intelligence sources, spies considered using electronic snooping to identify non-British journalists who would then be manipulated to feed information to the target of a covert campaign. Apparently, the journalist's job would provide access to the targeted individual, perhaps for an interview.
The documents do not specify whether the
journalists would be aware or unaware that they were being used to funnel
Simon also said that governments put all journalists at risk when they use even one for an intelligence operation.
The journalist operation was never put into
action, according to sources, but other techniques described in the
documents, like the Ambassadors Reception computer virus and the jamming of
phones and computers, have definitely been used to attack adversaries.
The documents do not give examples of when these
techniques were used, but intelligence sources say that some of the methods
described have been used by British intelligence to help British police
agencies catch suspected criminals.
The British government's intelligence apparatus,
which also includes MI5 and MI6, had a role in the 2010
Stuxnet computer virus attack on Iran's
nuclear facilities, according to sources at two intelligence agencies.
In a statement, a GCHQ spokesperson emphasized that the agency operated within the law.
Journalist Glenn Greenwald was formerly a columnist at Salon and the Guardian.
In late 2012 he was contacted by NSA contractor Edward Snowden, who later provided him with thousands of sensitive documents, and he was the first to report on Snowden's documents in June 2013 while on the staff of the Guardian.
Greenwald has since reported on the documents with multiple media outlets around the world, and has won several journalism awards for his NSA reporting both in the U.S. and abroad.
He is now helping launch, and will write for, a new, non-profit media outlet known as First Look Media that will,